fix: use Docker container for cloud-provider-kind instead of Helm

Cloud-provider-kind is not distributed as a Helm chart. The correct
approach is to run it as a Docker container with access to the Docker
socket, connected to the KIND network. This commit:

- Rewrites the cloud-provider-kind installer to use Docker API instead
  of Helm
- Creates and manages the cloud-provider-kind container with proper
  configuration (Docker socket mount, KIND network connection)
- Updates tests to use Docker client mocks instead of Helm mocks
- Uses the official image: registry.k8s.io/cloud-provider-kind/cloud-controller-manager:latest

Fixes the 404 error when trying to fetch non-existent Helm chart from
https://kubernetes-sigs.github.io/cloud-provider-kind/index.yaml

Co-authored-by: devantler <[email protected]>

Author: Copilot

pkg/cli/setup/components.go

@@ -299,28 +299,24 @@ func InstallMetricsServerSilent(
 }
 
 // InstallLoadBalancerSilent installs LoadBalancer support silently for parallel execution.
-// For Vanilla (Kind) × Docker, installs Cloud Provider KIND.
+// For Vanilla (Kind) × Docker, installs Cloud Provider KIND as a Docker container.
 func InstallLoadBalancerSilent(
 	ctx context.Context,
 	clusterCfg *v1alpha1.Cluster,
 	factories *InstallerFactories,
 ) error {
-	helmClient, kubeconfig, timeout, err := helmClientSetup(clusterCfg, factories)
-	if err != nil {
-		return err
-	}
-
 	// Determine which LoadBalancer implementation to install based on distribution × provider
 	switch clusterCfg.Spec.Cluster.Distribution {
 	case v1alpha1.DistributionVanilla:
 		// Vanilla (Kind) × Docker uses Cloud Provider KIND
 		if clusterCfg.Spec.Cluster.Provider == v1alpha1.ProviderDocker {
-			lbInstaller := cloudproviderkindinstaller.NewCloudProviderKINDInstaller(
-				helmClient,
-				kubeconfig,
-				clusterCfg.Spec.Cluster.Connection.Context,
-				timeout,
-			)
+			// Create Docker client for container management
+			dockerClient, err := dockerclient.GetDockerClient()
+			if err != nil {
+				return fmt.Errorf("failed to create Docker client: %w", err)
+			}
+
+			lbInstaller := cloudproviderkindinstaller.NewCloudProviderKINDInstaller(dockerClient)
 
 			installErr := lbInstaller.Install(ctx)
 			if installErr != nil {

pkg/svc/installer/cloudproviderkind/installer.go

@@ -3,82 +3,203 @@ package cloudproviderkindinstaller
 import (
 	"context"
 	"fmt"
-	"time"
+	"io"
+	"strings"
 
-	"github.com/devantler-tech/ksail/v5/pkg/client/helm"
+	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/filters"
+	"github.com/docker/docker/api/types/image"
+	"github.com/docker/docker/api/types/mount"
+	"github.com/docker/docker/api/types/network"
+	"github.com/docker/docker/client"
 )
 
-// CloudProviderKINDInstaller installs or upgrades Cloud Provider KIND.
+const (
+	// CloudProviderKindImage is the official cloud-provider-kind image.
+	CloudProviderKindImage = "registry.k8s.io/cloud-provider-kind/cloud-controller-manager:latest"
+	// CloudProviderKindContainerName is the name of the cloud-provider-kind container.
+	CloudProviderKindContainerName = "cloud-provider-kind"
+	// CloudProviderKindNetworkName is the default KIND network name.
+	CloudProviderKindNetworkName = "kind"
+	// DockerSocketPath is the path to the Docker socket.
+	DockerSocketPath = "/var/run/docker.sock"
+)
+
+// CloudProviderKINDInstaller manages the cloud-provider-kind Docker container.
 type CloudProviderKINDInstaller struct {
-	kubeconfig string
-	context    string
-	timeout    time.Duration
-	client     helm.Interface
+	client client.APIClient
 }
 
 // NewCloudProviderKINDInstaller creates a new Cloud Provider KIND installer instance.
 func NewCloudProviderKINDInstaller(
-	client helm.Interface,
-	kubeconfig, context string,
-	timeout time.Duration,
+	dockerClient client.APIClient,
 ) *CloudProviderKINDInstaller {
 	return &CloudProviderKINDInstaller{
-		client:     client,
-		kubeconfig: kubeconfig,
-		context:    context,
-		timeout:    timeout,
+		client: dockerClient,
 	}
 }
 
-// Install installs or upgrades Cloud Provider KIND via its Helm chart.
+// Install starts the cloud-provider-kind container if not already running.
 func (c *CloudProviderKINDInstaller) Install(ctx context.Context) error {
-	err := c.helmInstallOrUpgradeCloudProviderKIND(ctx)
+	// Check if container is already running
+	running, err := c.isContainerRunning(ctx)
 	if err != nil {
-		return fmt.Errorf("failed to install cloud-provider-kind: %w", err)
+		return fmt.Errorf("failed to check if container is running: %w", err)
+	}
+
+	if running {
+		return nil // Already running
+	}
+
+	// Ensure the cloud-provider-kind image is available
+	err = c.ensureImage(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to ensure cloud-provider-kind image: %w", err)
+	}
+
+	// Create and start the container
+	err = c.createAndStartContainer(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to create and start cloud-provider-kind container: %w", err)
 	}
 
 	return nil
 }
 
-// Uninstall uninstalls Cloud Provider KIND via Helm.
+// Uninstall stops and removes the cloud-provider-kind container.
 func (c *CloudProviderKINDInstaller) Uninstall(ctx context.Context) error {
-	err := c.client.UninstallRelease(ctx, "cloud-provider-kind", "kube-system")
+	containers, err := c.listContainers(ctx)
 	if err != nil {
-		return fmt.Errorf("failed to uninstall cloud-provider-kind: %w", err)
+		return fmt.Errorf("failed to list containers: %w", err)
+	}
+
+	if len(containers) == 0 {
+		return nil // Nothing to uninstall
+	}
+
+	// Stop and remove container
+	for _, ctr := range containers {
+		// Stop container if running
+		if strings.EqualFold(ctr.State, "running") {
+			err = c.client.ContainerStop(ctx, ctr.ID, container.StopOptions{})
+			if err != nil {
+				return fmt.Errorf("failed to stop container: %w", err)
+			}
+		}
+
+		// Remove container
+		err = c.client.ContainerRemove(ctx, ctr.ID, container.RemoveOptions{
+			Force: true,
+		})
+		if err != nil {
+			return fmt.Errorf("failed to remove container: %w", err)
+		}
 	}
 
 	return nil
 }
 
 // --- internals ---
 
-func (c *CloudProviderKINDInstaller) helmInstallOrUpgradeCloudProviderKIND(
-	ctx context.Context,
-) error {
-	repoEntry := &helm.RepositoryEntry{
-		Name: "cloud-provider-kind",
-		URL:  "https://kubernetes-sigs.github.io/cloud-provider-kind",
+// isContainerRunning checks if the cloud-provider-kind container is running.
+func (c *CloudProviderKINDInstaller) isContainerRunning(ctx context.Context) (bool, error) {
+	containers, err := c.listContainers(ctx)
+	if err != nil {
+		return false, err
+	}
+
+	if len(containers) == 0 {
+		return false, nil
+	}
+
+	return strings.EqualFold(containers[0].State, "running"), nil
+}
+
+// listContainers lists all cloud-provider-kind containers.
+func (c *CloudProviderKINDInstaller) listContainers(ctx context.Context) ([]container.Summary, error) {
+	filterArgs := filters.NewArgs()
+	filterArgs.Add("name", "^/"+CloudProviderKindContainerName+"$")
+
+	containers, err := c.client.ContainerList(ctx, container.ListOptions{
+		All:     true,
+		Filters: filterArgs,
+	})
+	if err != nil {
+		return nil, fmt.Errorf("failed to list containers: %w", err)
 	}
 
-	addRepoErr := c.client.AddRepository(ctx, repoEntry, c.timeout)
-	if addRepoErr != nil {
-		return fmt.Errorf("failed to add cloud-provider-kind repository: %w", addRepoErr)
+	return containers, nil
+}
+
+// ensureImage pulls the cloud-provider-kind image if not already present.
+func (c *CloudProviderKINDInstaller) ensureImage(ctx context.Context) error {
+	// Check if image exists
+	_, err := c.client.ImageInspect(ctx, CloudProviderKindImage)
+	if err == nil {
+		return nil // Image already exists
+	}
+
+	// Pull image
+	reader, err := c.client.ImagePull(ctx, CloudProviderKindImage, image.PullOptions{})
+	if err != nil {
+		return fmt.Errorf("failed to pull image: %w", err)
+	}
+	defer reader.Close()
+
+	// Consume pull output
+	_, err = io.Copy(io.Discard, reader)
+	if err != nil {
+		return fmt.Errorf("failed to read image pull output: %w", err)
 	}
 
-	spec := &helm.ChartSpec{
-		ReleaseName: "cloud-provider-kind",
-		ChartName:   "cloud-provider-kind/cloud-provider-kind",
-		Namespace:   "kube-system",
-		RepoURL:     "https://kubernetes-sigs.github.io/cloud-provider-kind",
-		Atomic:      true,
-		Wait:        true,
-		WaitForJobs: true,
-		Timeout:     c.timeout,
+	return nil
+}
+
+// createAndStartContainer creates and starts the cloud-provider-kind container.
+func (c *CloudProviderKINDInstaller) createAndStartContainer(ctx context.Context) error {
+	// Container configuration
+	containerConfig := &container.Config{
+		Image: CloudProviderKindImage,
+	}
+
+	// Host configuration - mount Docker socket
+	hostConfig := &container.HostConfig{
+		Mounts: []mount.Mount{
+			{
+				Type:   mount.TypeBind,
+				Source: DockerSocketPath,
+				Target: DockerSocketPath,
+			},
+		},
+		RestartPolicy: container.RestartPolicy{
+			Name: "unless-stopped",
+		},
+	}
+
+	// Network configuration - connect to KIND network
+	networkConfig := &network.NetworkingConfig{
+		EndpointsConfig: map[string]*network.EndpointSettings{
+			CloudProviderKindNetworkName: {},
+		},
+	}
+
+	// Create container
+	resp, err := c.client.ContainerCreate(
+		ctx,
+		containerConfig,
+		hostConfig,
+		networkConfig,
+		nil,
+		CloudProviderKindContainerName,
+	)
+	if err != nil {
+		return fmt.Errorf("failed to create container: %w", err)
 	}
 
-	_, err := c.client.InstallOrUpgradeChart(ctx, spec)
+	// Start container
+	err = c.client.ContainerStart(ctx, resp.ID, container.StartOptions{})
 	if err != nil {
-		return fmt.Errorf("failed to install cloud-provider-kind chart: %w", err)
+		return fmt.Errorf("failed to start container: %w", err)
 	}
 
 	return nil